def post(self):
contract = self.request.validated["contract"]
data = self.request.validated["ownership_data"]
location = get_transfer_location(self.request, "Contract", contract_id=contract.id)
transfer = extract_transfer(self.request, transfer_id=data["id"])
if transfer.get("usedFor") and transfer.get("usedFor") != location:
self.request.errors.add("body", "transfer", "Transfer already used")
self.request.errors.status = 403
return
update_ownership(contract, transfer)
self.request.validated["contract"] = contract
transfer.usedFor = location
self.request.validated["transfer"] = transfer
if save_transfer(self.request):
self.LOGGER.info(
"Updated transfer relation {}".format(transfer.id),
extra=context_unpack(self.request, {"MESSAGE_ID": "transfer_relation_update"}),
)
if save_contract(self.request):
self.LOGGER.info(
"Updated ownership of contract {}".format(contract.id),
extra=context_unpack(self.request, {"MESSAGE_ID": "contract_ownership_update"}),
)
return {"data": contract.serialize("view")}
def post(self):
complaint = self.request.context
tender = self.request.validated['tender']
award_id = self.request.validated['award_id']
data = self.request.validated['ownership_data']
if complaint.transfer_token == sha512(data['transfer']).hexdigest():
location = self.request.route_path('Tender Award Complaints', tender_id=tender.id, award_id=award_id, complaint_id=complaint.id)
location = location[len(ROUTE_PREFIX):] # strips /api/<version>
transfer = extract_transfer(self.request, transfer_id=data['id'])
if transfer.get('usedFor') and transfer.get('usedFor') != location:
self.request.errors.add('body', 'transfer', 'Transfer already used')
self.request.errors.status = 403
return
else:
self.request.errors.add('body', 'transfer', 'Invalid transfer')
self.request.errors.status = 403
return
update_ownership(complaint, transfer)
transfer.usedFor = location
self.request.validated['transfer'] = transfer
if save_transfer(self.request):
self.LOGGER.info('Updated transfer relation {}'.format(transfer.id),
extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'}))
if save_tender(self.request):
self.LOGGER.info('Updated award {} complaint {} ownership of tender {}'.format(complaint.id, award_id, tender.id),
extra=context_unpack(self.request, {'MESSAGE_ID': 'award_complaint_ownership_update'}, {'complaint_id': complaint.id, 'award_id': award_id, 'tender_id': tender.id}))
return {'data': complaint.serialize('view')}
def post(self):
tender = self.request.validated['tender']
data = self.request.validated['ownership_data']
if tender.transfer_token == sha512(data['transfer']).hexdigest():
location = self.request.route_path('Tender', tender_id=tender.id)
location = location[len(ROUTE_PREFIX):] # strips /api/<version>
transfer = extract_transfer(self.request, transfer_id=data['id'])
if transfer.get('usedFor') and transfer.get('usedFor') != location:
self.request.errors.add('body', 'transfer', 'Transfer already used')
self.request.errors.status = 403
return
else:
self.request.errors.add('body', 'transfer', 'Invalid transfer')
self.request.errors.status = 403
return
update_ownership(tender, transfer)
self.request.validated['tender'] = tender
transfer.usedFor = location
self.request.validated['transfer'] = transfer
if save_transfer(self.request):
self.LOGGER.info('Updated transfer relation {}'.format(transfer.id),
extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'}))
if save_tender(self.request):
self.LOGGER.info('Updated ownership of tender {}'.format(tender.id),
extra=context_unpack(self.request, {'MESSAGE_ID': 'tender_ownership_update'}))
return {'data': tender.serialize('view')}
def collection_post(self):
transfer = self.request.validated['transfer']
access_token = transfer.access_token
transfer_token = transfer.transfer_token
set_ownership(transfer,
self.request,
access_token=access_token,
transfer_token=transfer_token)
self.request.validated['transfer'] = transfer
if save_transfer(self.request):
self.LOGGER.info(
'Created transfer {}'.format(transfer.id),
extra=context_unpack(self.request,
{'MESSAGE_ID': 'transfer_create'},
{'transfer_id': transfer.id}))
self.request.response.status = 201
return {
'data': transfer.serialize("view"),
'access': {
'token': access_token,
'transfer': transfer_token,
}
}
def collection_post(self):
transfer_id = generate_id()
transfer = self.request.validated["transfer"]
transfer.id = transfer_id
access_token = transfer.access_token
transfer_token = transfer.transfer_token
set_ownership(transfer,
self.request,
access_token=access_token,
transfer_token=transfer_token)
self.request.validated["transfer"] = transfer
if save_transfer(self.request):
self.LOGGER.info(
"Created transfer {}".format(transfer.id),
extra=context_unpack(self.request,
{"MESSAGE_ID": "transfer_create"},
{"transfer_id": transfer.id}),
)
self.request.response.status = 201
return {
"data": transfer.serialize("view"),
"access": {
"token": access_token,
"transfer": transfer_token
}
}
def post(self):
contract = self.request.validated['contract']
data = self.request.validated['ownership_data']
if contract.status != "active":
self.request.errors.add('body', 'data', 'Can\'t update credentials in current ({}) contract status'.format(contract.status))
self.request.errors.status = 403
return
if contract.transfer_token == sha512(data.get('transfer', '')).hexdigest() or contract.tender_token == sha512(data.get('tender_token', '')).hexdigest():
transfer = extract_transfer(self.request, transfer_id=data['id'])
if data.get('tender_token') and contract.owner != transfer.owner:
self.request.errors.add('body', 'transfer', 'Only owner is allowed to generate new credentials.')
self.request.errors.status = 403
return
location = self.request.route_path('Contract', contract_id=contract.id)
location = location[len(ROUTE_PREFIX):] # strips /api/<version>
if transfer.get('usedFor') and transfer.get('usedFor') != location:
self.request.errors.add('body', 'transfer', 'Transfer already used')
self.request.errors.status = 403
return
else:
self.request.errors.add('body', 'transfer', 'Invalid transfer')
self.request.errors.status = 403
return
update_ownership(contract, transfer)
self.request.validated['contract'] = contract
transfer.usedFor = location
self.request.validated['transfer'] = transfer
if save_transfer(self.request):
self.LOGGER.info('Updated transfer relation {}'.format(transfer.id),
extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'}))
if save_contract(self.request):
self.LOGGER.info('Updated ownership of contract {}'.format(contract.id),
extra=context_unpack(self.request, {'MESSAGE_ID': 'contract_ownership_update'}))
return {'data': contract.serialize('view')}
def post(self):
agreement = self.request.validated["agreement"]
data = self.request.validated["ownership_data"]
route_name = "{}.Agreement".format(agreement.agreementType)
location = get_transfer_location(self.request,
route_name,
agreement_id=agreement.id)
transfer = extract_transfer(self.request, transfer_id=data["id"])
if transfer.get("usedFor") and transfer.get("usedFor") != location:
self.request.errors.add("body", "transfer",
"Transfer already used")
self.request.errors.status = 403
return
update_ownership(agreement, transfer)
self.request.validated["agreement"] = agreement
transfer.usedFor = location
self.request.validated["transfer"] = transfer
if save_transfer(self.request):
self.LOGGER.info(
"Updated transfer relation {}".format(transfer.id),
extra=context_unpack(
self.request, {"MESSAGE_ID": "transfer_relation_update"}),
)
if save_agreement(self.request):
self.LOGGER.info(
"Updated ownership of agreement {}".format(agreement.id),
extra=context_unpack(
self.request,
{"MESSAGE_ID": "agreement_ownership_update"}),
)
return {"data": agreement.serialize("view")}
def post(self):
tender = self.request.validated["tender"]
data = self.request.validated["ownership_data"]
route_name = "{}:Tender".format(tender.procurementMethodType)
location = get_transfer_location(self.request,
route_name,
tender_id=tender.id)
transfer = extract_transfer(self.request, transfer_id=data["id"])
if transfer.get("usedFor") and transfer.get("usedFor") != location:
self.request.errors.add("body", "transfer",
"Transfer already used")
self.request.errors.status = 403
return
update_ownership(tender, transfer)
self.request.validated["tender"] = tender
transfer.usedFor = location
self.request.validated["transfer"] = transfer
if save_transfer(self.request):
self.LOGGER.info(
"Updated transfer relation {}".format(transfer.id),
extra=context_unpack(
self.request, {"MESSAGE_ID": "transfer_relation_update"}),
)
if save_tender(self.request):
self.LOGGER.info(
"Updated ownership of tender {}".format(tender.id),
extra=context_unpack(
self.request,
{"MESSAGE_ID": "tender_ownership_update"}),
)
return {"data": tender.serialize("view")}